Skip to Main Content
Official Seal - Department of Defense Cyber Crime Center (DC3)


Department of Defense
Cyber Crime Center

A Federal Cyber Center

DoD Vulnerability Disclosure Program (VDP)

The DoD Vulnerability Disclosure Program (VDP) leverages the experience and knowledge of ethical hackers from around the world to improve network defenses and enhance mission assurance. DC3 was assigned by the Secretary of Defense to be the DoD focal point for receiving vulnerability reports and interacting with researchers consistent with DC3's existing information sharing responsibilities as a Federal Cybersecurity Center.

To read the DoD Vulnerability Disclosure Policy and to submit a vulnerability report:


Contact VDP

General VDP Questions
This link is not to be used to report vulnerabilities on DoD networks and systems.

The VDP provides an independent assessment of DoDIN security and defensive measures by identifying:

  • Vulnerabilities not found by existing red-team and automated efforts

  • Non-compliance with cyber security guidance

  • Training deficiencies